I’m a dev in recovery. When I looked for addiction recovery apps, I realized the user isn’t the customer, they are the product.

Most “free” recovery apps literally sell your addiction data. If you are recovering from gambling, they can sell your behavioral profile back to gambling networks. If you are recovering from alcohol, they sell your data to advertisers that then advertise alcohol to you.

I built LiftMind.

It’s an AI-driven addiction recovery strategist and journaling app, but I architected it to be hostile to surveillance. It is still in beta, and I need a gut check from this community on the setup:

Monero First: I accept XMR Monero so the payment layer is as anonymous as the auth layer.

No Personal Info: I don’t ask for an email, name, or phone number. You reg with just a username and password. If I look at the DB, I can’t tell who is who.

Blind AI Proxy: I use an external LLM (Gemini) for the intelligence, but I treat it like a calculator, not a database. Your IP, username, or any other data is never sent to Gemini; only the data required for pattern recognition is sent. Google only sees a request coming from my server IP, but they have no way to link it to “You”.

My Question: Since I don’t collect the PII to begin with, is this “Blind Proxy + No KYC” model sufficient for high-threat models?
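Added example, not part of the original post and not LiftMind's code: one way a "blind proxy" can build the upstream request from an allowlist and scrub identifier-shaped strings out of the journal text before it leaves the server. The field names, the patterns and the sample request are assumptions made for illustration.

```python
import re

# Assumed field names; the post does not describe LiftMind's request schema.
ALLOWED_FIELDS = ("entry_text", "mood", "days_since_last_use")

# Order matters: e-mail and IP run before the looser phone pattern.
PATTERNS = [
    ("[EMAIL]", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
    ("[IP]", re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")),
    ("[PHONE]", re.compile(r"(?<!\w)\+?\d[\d\s().-]{7,}\d(?!\w)")),
]

def scrub_text(text):
    """Replace identifier-shaped substrings; return (text, redaction counts)."""
    counts = {}
    for label, pattern in PATTERNS:
        text, n = pattern.subn(label, text)
        if n:
            counts[label] = n
    return text, counts

def build_outbound(request):
    """Copy only allowlisted body fields; headers, IP and username are never read."""
    body = request.get("body", {})
    outbound = {k: body[k] for k in ALLOWED_FIELDS if k in body}
    redactions = {}
    if isinstance(outbound.get("entry_text"), str):
        outbound["entry_text"], redactions = scrub_text(outbound["entry_text"])
    return outbound, redactions

# Constructed sample request (not real data).
SAMPLE_REQUEST = {
    "client_ip": "198.51.100.23",
    "headers": {"User-Agent": "Mozilla/5.0", "Cookie": "session=abc"},
    "body": {
        "username": "quietfox",
        "entry_text": "Urge hit after calling 555-867-5309. Mail sam@example.org from 203.0.113.7",
        "mood": 3,
        "days_since_last_use": 12,
        "device_id": "constructed-device-id",
    },
}

if __name__ == "__main__":
    print(build_outbound(SAMPLE_REQUEST))
```

Pattern scrubbing is best effort: names, places and other details a user writes into an entry still pass through, so the free text itself is the remaining channel by which the upstream provider could link requests to a person.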

  • liftmind@monero.town (OP) · 27 days ago

    I used to daily drive Qubes OS, so I totally get your point on correlation.

    But I had to prioritize utility. LiftMind’s main purpose is 1. to actually work and help people overcome addiction, and 2. to provide a safe harbor for people who don’t want to hand over personal info.

    The main “threat” I’m solving for right now is the paper trail, allowing people to pay via XMR so their bank statement doesn’t show they are using a recovery service. It might not be bulletproof for a targeted attack yet, but it solves the immediate privacy problem for most people.